CVE-2023-21671 – Improper Input Validation in Core
https://notcve.org/view.php?id=CVE-2023-21671
Memory Corruption in Core during syscall for Sectools Fuse comparison feature. Corrupción de la memoria en Core durante la llamada al sistema para la función de comparación de Sectools Fuse. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-20: Improper Input Validation •
CVE-2023-33035 – Buffer Copy Without Checking Size of Input in Audio
https://notcve.org/view.php?id=CVE-2023-33035
Memory corruption while invoking callback function of AFE from ADSP. Corrupción de la memoria al invocar la función de devolución de llamada de AFE desde ADSP. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-33034 – Signed-to-unsigned conversion error in Audio
https://notcve.org/view.php?id=CVE-2023-33034
Memory corruption while parsing the ADSP response command. Corrupción de la memoria al analizar el comando de respuesta ADSP. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-195: Signed to Unsigned Conversion Error CWE-787: Out-of-bounds Write •
CVE-2023-33029 – Use After Free in DSP Service
https://notcve.org/view.php?id=CVE-2023-33029
Memory corruption in DSP Service during a remote call from HLOS to DSP. Corrupción de la memoria en el servicio DSP durante una llamada remota de HLOS a DSP. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-416: Use After Free •
CVE-2023-33027 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33027
Transient DOS in WLAN Firmware while parsing rsn ies. DOS transitorio en el WLAN Firmware mientras se analiza rsn ies. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •